﻿@{
    SiteSecurity.RequireAuthenticatedUser();

    if (Roles.IsUserInRole(UsersRoles.Admin))
    {
        Layout = "~/Admin/_AdminSiteLayout.cshtml";
    }
    else
    {
        Layout = "~/Shared/_SiteLayout.cshtml";
    }

    Page.Title = "Change Password";

    bool isValid = true;
    bool isSuccess = false;
    var errorMessage = "";
    var currentPasswordError = "";
    var newPasswordError = "";
    var confirmPasswordError = "";
    var currentPassword = Request["currentPassword"];
    var newPassword = Request["newPassword"];
    var confirmPassword = Request["confirmPassword"];

    if (IsPost)
    {
        if (currentPassword.IsEmpty())
        {
            currentPasswordError = "Please enter your current password.";
            isValid = false;
        }
        if (newPassword.IsEmpty())
        {
            newPasswordError = "Please enter a new password.";
            isValid = false;
        }
        if (confirmPassword.IsEmpty())
        {
            confirmPasswordError = "Please confirm your new password.";
            isValid = false;
        }
        if (confirmPassword != newPassword)
        {
            confirmPasswordError = "The password confirmation does not match the new password.";
            isValid = false;
        }

        if (isValid)
        {
            //if (SiteSecurity.ChangePassword(SiteSecurity.CurrentUserName, currentPassword, newPassword))
            if (SiteSecurity.ChangePassword(currentPassword, newPassword))
            {
                isSuccess = true;
            }
            else
            {
                errorMessage = "An error occurred when attempting to change the password. Please contact the site owner.";
            }
        }
        else
        {
            errorMessage = "Password change failed. Please correct the errors and try again.";
        }
    }
}
@if (isSuccess)
{
    <p class="message success">
        Your password has been updated!
    </p>
}
@if (!errorMessage.IsEmpty())
{
    <p class="message error">
        @errorMessage
    </p>
}
<form method="post" action="">
<fieldset>
    <legend>Change Password Form</legend>@* <p>
        Use this form to change your password. You'll be required to enter your current
        password. Click <a href="@Href("~/Account/ForgotPassword")" title="Forgot password page">
            here</a> if you've forgotten your password.
    </p>*@
    <ol>
        <li class="current-password">
            <label for="currentPassword">
                Current Password:</label>
            <input type="password" id="currentPassword" name="currentPassword" title="Current password" @if (!currentPasswordError.IsEmpty())
                                                                                                        {<text>class="error-field"</text>} />
            @if (!currentPasswordError.IsEmpty())
            {
                <label for="currentPassword" class="validation-error">@currentPasswordError</label>
            }
        </li>
        <li class="new-password">
            <label for="newPassword">
                New Password:</label>
            <input type="password" id="newPassword" name="newPassword" title="New password" @if (!newPasswordError.IsEmpty())
                                                                                            {<text>class="error-field"</text>} />
            @if (!newPasswordError.IsEmpty())
            {
                <label for="newPassword" class="validation-error">@newPasswordError</label>
            }
        </li>
        <li class="confirm-password">
            <label for="confirmPassword">
                Confirm Password:</label>
            <input type="password" id="confirmPassword" name="confirmPassword" title="Confirm new password" @if (!confirmPasswordError.IsEmpty())
                                                                                                            {<text>class="error-field"</text>} />
            @if (!confirmPasswordError.IsEmpty())
            {
                <label for="confirmPassword" class="validation-error">@confirmPasswordError</label>
            }
        </li>
    </ol>
    <p class="form-actions">
        <input class="button medium green" type="submit" value="Change Password" title="Change password" />
    </p>
</fieldset>
</form>